Listing Numbered Rules
To remove a rule, we first need to know all the rules and their corresponding numbers. It is a simple numbered list, much like a shopping list. As already discussed, this information can be displayed using the numbered sub-subcommand of ufw status:
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 443                        ALLOW IN    Anywhere
[ 3] 80                         ALLOW IN    Anywhere
[ 4] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 5] 443 (v6)                   ALLOW IN    Anywhere (v6)
[ 6] 80 (v6)                    ALLOW IN    Anywhere (v6)
The numbers in the left column can be used to delete the corresponding rule.
Removing UFW Rules
Using the numbers as a reference, we can delete rules like so:
ufw delete 2
Deleting:
allow 443
Proceed with operation (y|n)?
From the above list of rules, this would delete the second rule, which allows ingress at port 443. Deleting it reverts the behaviour at port 443 to the default, which is deny ingress and allow egress, unless the default itself has been changed. The IPv6 counterpart, rule 5 (443 (v6)), is a separate entry and is not removed by this command.
Don’t run the same delete command over and over again! The numbering changes every time you remove a rule that is not at the end of the list. For example, removing the second rule moves the third rule into second place, so running ufw delete 2 a second time would now delete that rule. It is therefore advisable to always run ufw status numbered before and after removing a rule, so you are up to speed with the current list.
That’s all there is to deleting rules from your UFW firewall. The command is gracious enough to tell you explicitly what rule is being deleted (“Deleting: allow 443”, in the above example) before deleting it. So you really can’t go wrong with this aspect of UFW.
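The renumbering described above, worked through on this page's listing as an added example (not part of the original article or of UFW itself). The function names list_rules, delete_plan and after_delete are hypothetical, the column spacing of the sample is constructed, matching is an exact comparison on the To column, and the plan is only printed, never executed.

```shell
#!/bin/sh
# Constructed sample: the `ufw status numbered` listing from this page.
SAMPLE='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 443                        ALLOW IN    Anywhere
[ 3] 80                         ALLOW IN    Anywhere
[ 4] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 5] 443 (v6)                   ALLOW IN    Anywhere (v6)
[ 6] 80 (v6)                    ALLOW IN    Anywhere (v6)'

# Print "<number> <To column>" for every rule in a listing read from stdin.
list_rules() {
    awk '/^\[ *[0-9]+\]/ {
        sub(/^\[ */, "")                          # drop "[" and its padding
        num = $0; sub(/\].*/, "", num)            # rule number
        sub(/^[0-9]+\] */, "")                    # rest: To, Action, From
        sub(/ +(ALLOW|DENY|REJECT|LIMIT).*/, "")  # keep only the To column
        print num, $0
    }'
}

# Print one "ufw delete N" per rule whose To column is $1, with or without
# the "(v6)" suffix, highest number first. Deleting in that order never
# shifts the number of a rule that is still waiting to be deleted.
delete_plan() {
    list_rules | awk -v want="$1" '{
        num = $1; sub(/^[0-9]+ /, ""); sub(/ \(v6\)$/, "")
        if ($0 == want) print num
    }' | sort -rn | sed 's/^/ufw delete /'
}

# Show the numbering after rule $1 is removed: every later rule moves up
# by one, which is why a repeated "ufw delete 2" hits a different rule.
after_delete() {
    list_rules | awk -v gone="$1" '$1 != gone { sub(/^[0-9]+ /, ""); print ++n, $0 }'
}

echo "Plan for port 443:"
printf '%s\n' "$SAMPLE" | delete_plan 443
echo "Numbering after deleting rule 2:"
printf '%s\n' "$SAMPLE" | after_delete 2
```

Each printed command still goes through UFW's own confirmation prompt when you run it, so the "Deleting:" line can be checked against the plan.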